mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,568 Commits 6 Branches 74 Tags 84 MiB
7267eafe0f
Commit Graph

609 Commits

Author SHA1 Message Date
Pawel Jakub Dawidek
31529071fd Add glue that enables server-side support for Standard RDP Security. 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
7207e945c3 - Ignore received encryption_method and encryption_level if we don't support encryption. 
- Print a warning if we receive unregognized type.
 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
daf565dbd3 Add complete implementation of gcc_write_server_security_data() function 
that implements server-side Standard RDP Security.
 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
0a97242b3c Add rdp_server_establish_keys() function that is responsible for 
establishing encryption keys for server-side Standard RDP Security.
 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
76f36461ff Add a note why we are skipping 8 bytes. 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
ee9739f490 Add API to load RSA key for Standard RDP Security in server mode. 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
f5033b1a7c - Don't fill client_random with 0x5e, we are going to fill it up with 
random data in the next line.
- Use less magic numbers.
 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
86910c8401 Add missing decryption. 2012-01-25 17:16:44 +01:00
Pawel Jakub Dawidek
d37cff01ed White-space fixes. 2012-01-25 17:15:44 +01:00
Pawel Jakub Dawidek
ac87b066fb Correct style. 2012-01-25 17:15:35 +01:00
Pawel Jakub Dawidek
31b6968263 Add a comment explaining why we always encode length in two bytes, eventhough we could use one byte sometimes. 2012-01-25 17:15:25 +01:00
Pawel Jakub Dawidek
61aa1dfb79 Add Standard RDP encryption suport for fastpath. Both input and output. 2012-01-25 17:15:17 +01:00
Pawel Jakub Dawidek
9c8a6bd8e9 Add some FASTPATH_INPUT_* enums. 2012-01-25 17:15:09 +01:00
Pawel Jakub Dawidek
68b9f65e87 Add --secure-checksum option that will enable usage of salted checksums 
with Standard RDP encryption.
 2012-01-25 17:14:58 +01:00
Pawel Jakub Dawidek
cea62dd9f6 Simplify code by using per_read_length() instead of reimplementing it. 2012-01-25 17:14:51 +01:00
Pawel Jakub Dawidek
af87360135 MCS data header might be 7 or 8 bytes long, depending on the length. 
To reduce confusion a bit rename MCS_SEND_DATA_HEADER_LENGTH to
MCS_SEND_DATA_HEADER_MAX_LENGTH and also rename other defines that use
MCS_SEND_DATA_HEADER_MAX_LENGTH.
 2012-01-25 17:14:44 +01:00
Pawel Jakub Dawidek
e2be360ec4 Add support for SEC_SECURE_CHECKSUM and FASTPATH_OUTPUT_SECURE_CHECKSUM flags. 2012-01-25 17:14:31 +01:00
Pawel Jakub Dawidek
4df52d7a42 Use rdp_read_security_header() to read security header. 2012-01-25 17:14:19 +01:00
Pawel Jakub Dawidek
b3a4be0298 We calculate checksum on plain text, so we must have already decrypt it, which means decrypt_use_count is off by one. Account for this. 2012-01-25 17:14:11 +01:00
Pawel Jakub Dawidek
207cb9b818 Fix typo: use & instead of | to check for flags. This fixes detection of requested protocols. 2012-01-25 17:13:53 +01:00
Pawel Jakub Dawidek
609d177412 Handle short writes properly in transport_write(). 
Before this change if short write (send) occured, we were trying to
resend without updating length variable, so we were trying to send
too much and the following undefined data were causing the other
side to terminate connection.
 2012-01-24 11:46:35 +01:00
Pawel Jakub Dawidek
8e91faf139 - Rename rdp_establish_keys() to rdp_client_establish_keys() as it is only 
responsible for establishing keys on the client side.
- Simplify rdp_client_establish_keys() by using rdp_write_header() and
  rdp_write_security_header() function instead of reimplementing them
  and by using existing defines instead of magic values.
 2012-01-23 18:23:52 +01:00
Pawel Jakub Dawidek
164c8a0a67 Whitespace fixes. 2012-01-19 05:36:52 +01:00
Pawel Jakub Dawidek
8238f2369d - Simplify security_mac_signature() API. 
- Introduce implementation of security_salted_mac_signature() that would be
  used to handle packets with SEC_SECURE_CHECKSUM flag.
 2012-01-19 05:10:06 +01:00
Pawel Jakub Dawidek
ab4beb787f Implement signature verification in Server Security Data packet. 
Because this signature doesn't protect against anything, only warn
the user if it is invalid.
 2012-01-19 04:49:03 +01:00
Pawel Jakub Dawidek
44663ab332 Introduce more complete RSA API that implements: 
- crypto_rsa_public_encrypt()
- crypto_rsa_public_decrypt()
- crypto_rsa_private_encrypt()
- crypto_rsa_private_decrypt()
 2012-01-19 04:48:52 +01:00
Pawel Jakub Dawidek
a118afa879 Add Terminal Services Signing Keys. 2012-01-19 04:48:43 +01:00
Pawel Jakub Dawidek
3bbd2f28c7 Use CRYPTO_*_DIGEST_LENGTH defines instead of magic values. 2012-01-19 04:48:32 +01:00
Pawel Jakub Dawidek
af5501cdc5 Introduce CRYPTO_SHA1_DIGEST_LENGTH and CRYPTO_MD5_DIGEST_LENGTH that hold 
number of bytes needed for a given hash.
 2012-01-19 04:48:23 +01:00
Pawel Jakub Dawidek
9b07d525fb Introduce SIGNATURE_ALG_RSA and KEY_EXCHANGE_ALG_RSA defines and use them 
instead of magic values.
 2012-01-17 17:55:31 +01:00
Pawel Jakub Dawidek
6f418cb20b PROTOCOL_RDP is 0, so don't perform bitwise operations on it. 2012-01-17 17:52:12 +01:00
Pawel Jakub Dawidek
1dd33b49d5 The ber_write_length() function can store variable number of bytes (one or 
three). We can't tell until we write other data and know the length, so don't
assume how much space will by consumed to store length. Bug was observed with
the mcs_write_connect_response() function, where the function assumed that
application tag will take three bytes, but it was taking five.
 2012-01-17 14:17:04 +01:00
Marc-André Moreau
949bce4d54 wfreerdp: fix warnings and color conversion 2012-01-16 11:40:18 -05:00
Marc-André Moreau
757e41a0d5 Merge pull request #347 from pjd/pullreq 
Use of stream_read() / stream_write()
 2012-01-16 07:18:50 -08:00
Pawel Jakub Dawidek
7056f5f5ef Make use of stream_read(). 2012-01-16 15:56:47 +01:00
Pawel Jakub Dawidek
4815924d0e Use stream_read() instead of memcpy() + stream_seek(). 2012-01-16 15:56:39 +01:00
Pawel Jakub Dawidek
74860814fc Use stream_write() instead of memcpy() + stream_seek(). 2012-01-16 15:56:31 +01:00
Pawel Jakub Dawidek
6a7fe3e520 If we are server, our encryption key is client's decryption key and vice-versa. 2012-01-16 15:55:06 +01:00
Marc-André Moreau
42dfd2627b libfreerdp-core: fix FreeBSD compilation 2012-01-16 08:27:07 -05:00
Marc-André Moreau
f42b5f6a42 Merge pull request #344 from atong/master 
various glyph cache resource fixes
 2012-01-16 03:51:15 -08:00
Anthony Tong
2c30b11be2 glyph-cache: free pixmap, cache entries, cache fragments, and reuse secondary glyph cache buffers 2012-01-15 15:35:08 -05:00
Marc-André Moreau
8ed44b4f17 libfreerdp-core: add integer overflow check in GCC 2012-01-15 15:20:39 -05:00
Marc-André Moreau
277cbc3ccc libfreerdp-core: refactor header encoding fix 2012-01-15 15:16:32 -05:00
Marc-André Moreau
ccfb88b049 libfreerdp-core: apply RDP signature verification patch from Pawel Jakub Dawidek 2012-01-15 15:01:16 -05:00
Marc-André Moreau
0c9db6a40a libfreerdp-core: pad larger portion of rdpSettings 2012-01-14 14:42:36 -05:00
Marc-André Moreau
3f91e24a4d libfreerdp-core: added freerdp_get_version() 2012-01-14 13:33:04 -05:00
Marc-André Moreau
c1291c3601 libfreerdp-core: cleanup warnings in mppc.c 2012-01-13 18:39:09 -05:00
Marc-André Moreau
5f7902dee4 libfreerdp-core: fix incorrect length in share control header, fix VRDP connectivity 2012-01-13 16:20:36 -05:00
Anthony Tong
7e8709ebbd libfreerdp-core: fix reuse issue with osb's deleteList 2012-01-11 13:24:01 -05:00
Marc-André Moreau
c3f1c325e5 libfreerdp-core: fix encoding of capability set headers 2012-01-10 23:04:10 -05:00